Remove Azure DevOps Account when remove from company AD
Question
Is there a automatic(script or similar) way of removing account subscription from Azure DevOps when account removed from company AD. Today this is a manual effort in our company and not very effective.
2 answers
solution1
0 ACCPTED 2020-10-13 03:04:14
If you want to delete service connections of subscriptions, you can use some REST APIs.
Step1. Get the project id where you want to delete connections
GET https://dev.azure.com/{organization}/_apis/projects/{projectName}?api-version=6.1-preview.4
Step2. Get a list of service connection ids in the project: Endpoints - Get Service Endpoints list
GET https://dev.azure.com/{organization}/{project}/_apis/serviceendpoint/endpoints?api-version=6.1-preview.4
Or you can get a specific service connection id by its name: Endpoints - Get Service Endpoints By Names :
GET https://dev.azure.com/{organization}/{project}/_apis/serviceendpoint/endpoints?endpointNames={endpointNames}&api-version=6.1-preview.4
Step3: Delete service connections: Endpoints - Delete :
DELETE https://dev.azure.com/{organization}/_apis/serviceendpoint/endpoints/{endpointId}?projectIds={projectIds}&api-version=6.1-preview.4
Multiple service connections can be quickly deleted by using the service connection id as the {endpointId} and repeating this REST API.
solution2
0 2020-10-14 05:56:39
Thanks, this partly answers my questions. In the best of worlds I would however the account be removed from the AzDO organisation (automatically) when removed from AD. Using group rule for example does not remove the users from the organization.
It would also be OK to have a script that checks if user is part of AD and then removes from AzDO organization if not available in the AD.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.